/**
 *
 * The MIT License
 *
 * Copyright (c) 2008 Board of Trustees, Leland Stanford Jr. University. All rights reserved.
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:

 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.

 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */
package org.macdadi.core.client.auth;

import org.macdadi.core.client.domain.User;

import java.util.Arrays;

/**
 * This class represents a user with a currently valid session, which is
 * identified by the <code>authToken</code> property. It provides methods
 * to check whether a particular operation is permitted for this user. This
 * functionality is intended for use by client-side code that wishes to
 * dynamically modify the UI based on the current user's permitted actions.
 *
 * The <code>authToken</code>, i.e. session identifier, must be passed to
 * all methods that modify domain or, for non-public projects, read domain.
 * 
 * @author Ben Suter <ben.suter@gmail.com>
 */
public class AuthenticatedUser extends User
{
    protected String authToken;
    protected String email;
    protected String[] authorizedOperations;

    public String getAuthToken() {
        return authToken;
    }

    public void setAuthToken(String authToken) {
        this.authToken = authToken;
    }

    public String getEmail() {
        return email;
    }

    public void setEmail(String email) {
        this.email = email;
    }

    /**
     * Set the list of operations for which this user is authorized. An operation here
     * is a triple consisting of the project id, the target (e.g. goals) and the
     * operation (e.g. create).
     * 
     * @param authorizedOperations  each operation is P-T-O where P is the projectId,
     *                              T is the target, O is the operation.
     */
    public void setAuthorizedOperations(String[] authorizedOperations) {
        this.authorizedOperations = authorizedOperations;
        Arrays.sort(this.authorizedOperations); /* Must be sorted for binarySearch to work later on */
    }

    // TODO: use enums for target and operation once we use GWT 1.5
    public boolean isAuthorizedOperation(int projectId, String target, String operation) {
        String op = projectId + ":" + target + ":" + operation;
        return ( Arrays.binarySearch(authorizedOperations, op) >= 0 );
    }
}
